General
Target: ce_build.exe
Size: 17.1MB
Sample: 240427-hsydtsdd87
MD5: b472206ec5e5e4b959d0f18998a37d44
SHA1: 4e01afcea4134aca4f13baa5752f61b56c435a16
SHA256: 9c19964264cfcf7e38da598d9536df0bdec90b29ac1ea4300f5804b1102bf9b7
SHA512: 13ad92ef10b77c9b768f73d44b3d4d20da68bcc3820210923a972997f43bd3d2588002511a60af321d8ce139ec7aa82aec030c5790b7c2174f3c9df082a0a773
SSDEEP: 393216:2EGbM6UZbcjyu6LMvkEJ+NqwfnTqCJrsMZgTdeN4+Rs/:25bdUZoj5BJwVfTqC9sMqT0hs/
Static task: static1
Malware Config
Targets
Target: ce_build.exe
Looks for VMWare Tools registry key

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.